Subscribe to our Best Free Adware/Spyware/Scumware Remover
|
In a Hurry?
|
 Go straight to the Quick Selection Guide |
|
Introduction
|
|
It's been some time since my last round of testing, and the time has certainly come for a refresher. Adopting much the same approach as previously, I have been asked if there were any surprises, and the honest answer is yes, there have. The most significant surprise was how difficult I was finding it to infect my system in the first place. After three hours of browsing, deliberatley choosing websites and domains where infection was almost a prerequisite, I had nothing, and it was only after investigating various system settings that I found out why. For those looking for the technical "how I did it", I once again started with a clean install of XP SP2 on a virtual machine, patched with the necessary microsoft updates. I deliberately did not upgrade to SP3. Having gotten my clean install, I backed it up, and then went off to infect it. Before doing so I downloaded installation packages for those on test, and once I had my machine infected, I backed up the infected machine. I restored the original infected machine to test each product, ensuring a level playing field for each test. Finally, I did incremental scans with each product on the same infected system. |
|
Discussion
|
|
So, the question is why was it so hard for me to get my machine infected in the first place, and having identified the "problem", my top recommendation is not an anti-malware product, and doesn't even involve a download or a scan of any type. It doesn't offer any form of protection on your PC, but it will help enormously against infection in the first place. What is this magic solution? For some time, I have been using OpenDNS as my DNS server, rather than my ISPs own offering. I hadn't realised how pro-active OpenDNS is in the fight against drive by malware protection. Quite simply, every time I tried to visit a site guaranteed to infect me, it was simply shown as not found. During normal browsing sessions you never see this, and so it took me a while to realise the cause. Only after switching back to my ISP hosted DNS was I able to find the infections that I craved. Requiring only a quick, free registration and simple confirguration change, you improve your protections considerably. Having made that recommendation, it is still possible to infect your system, either running software that may spread infection, or visiting sites that may not be in OpenDNS blacklist, and whilst an excellent first line of defence, local protection is still a must. Top of the list once again is SuperAntiSpyware, which successfully detected and cleaned 121 threats on my test system. A fairly lightweight download and simple installation (5.99 MB) mean that this is not a burdensome product. If anything, the general package, whilst aesthetically similar, is improved since last time, managing to detect and clean after a single scan rather than the two scans required last time. A reboot to complete cleaning was still required, though this is a minor inconvenience, and required by most packages. If I had to raise a critisicm, it's that the freeware version still installs a startup item which doesn't actually do anything at all. In the paid version, it loads the always on protection which is not available in the freeware version. This minor annoyance aside, it remains my top recommendation.
Promoted this time to joint second place is A-Squared free edition, and let me be very clear that it is ONLY the free edition that I am able to recommend. A-Squared was able to identify just 43 infections, though some of the more serious threats identified by SAS were included in these. If we disregard tracking cookies, then the margins narrow. However, detection rate is only half the battle, and unfortunately A-Squared was unable to automatically clean some of the more virulent infections found itself. Nevertheless, it helpfully provides a link to forums for manual removal instructions.
The downside of A2 is the download size, being a huge 54.2 MB, immediately followed by a further 20MB updates. Anyone on restricted bandwidth or dial up may be advised to look elsewhere, but for an average broadband connection this should not be a factor.
As mentioned, I can only recommend the freeware version. During testing I inadvertently downloaded the full version of A2, which runs in evaluation mode for 30 days. Strangely, the full version hung on the scan during each test (though the program itself didn't crash), which is a particular worry.
Sharing the second place spot is MalwareBytes AntiMalware. MBAM caused me considerable problems initially, being one of two programs that had been actively bocked from running by one of the nasties I had picked up. Only after renaming the main executable, and running it in safe mode was I able to proceed. This initial scan found 19 infections and managed to clean them sufficently that when I rebooted I was able to run the program in a normal environment. I updated the program and ran a full scan, which found a further 8 infections, bringing the total to 27. Where MBAM did better than other products on test was it's ability to remove hijacked DNS entries (which forced redirection of links from popular search engines to less productive sites).
Separating A2 and MBAM is almost impossible. I found them to be on a par with each other regarding their scans, but both require a technical proficiency that many may not posses; A2 requires manual removal of many threats, whilst MBAM forced me to jump through hoops to get it working.
PCTools SpywareDoctor SE also performed well in scanning, finding 24 threats (excluding cookies). Unfortunately, cleaning the system proved more problematic. Despite reporting successful cleansing, SD failed to terminate processes already running, and did not in fact clean some of the more annoying infections. It would also be useful if SD prompted a reboot after cleansing, though it did not do this, and only experience dictated that this would be a good idea.
SD does, however, include real time protection, which most other products don't, and this protection did block those infections that it had failed to clean. Nevertheless, a further scan and clean with SAS was needed to fully clean my test system. A fine effort, but sadly falling short of the mark. Do note that the free version is no longer available from the PCTools website. It can be obtained as part of the google pack, or from here.
Old timer Ad-Aware, coming in at 35.7MB performed reasonably, if not exceptionally, finding a further 24 infections even after cleaning with A-squared, 4 of which represented real threats, whilst the remaining 20 were cookies.
Doing less well in on demand tests were Spybot S&D, Spyware Terminator and The Cleaner 2010. Spybot was the other program that was actively blocked from running, and nothing I tried could overcome this. It does come with an on demand file scanner which can be run from the command line and set to scan your entire drive. However, after letting this run for over an hour and noting that progress had barely touched my relatively small installation system (2.1 Gb) I cancelled. It would take an age to complete the scan, and would only examine files. Registry entries and services would be left untouched. Spyware Terminator found just 3 threats, and The Cleaner 2010 found absolutely none.
Avorax shield is still in development, and starting to mature, though there are still bugs to be ironed out. For example, once installed, and after the obligatory reboot to enable it to start it's services, it immediately complained that it could not find Firefox. This is no surprise since FF was not installed on the test system, though I fail to see why it should prevent it from doing it's job. Maybe as time progresses this will become more viable, but in my opinion it isn't quite there yet.
And so that leads us to my standard "other recommendations". Internet Explorer has now reached version 8, which I am sure will become the most prolific web browser before too long, and as such will be the most heavily targetted. I stand by previous recommendations that an alternative browser (of which there are many free ones these days, including Firefox, Opera, Google Chrome and Safari) will offer a safer browsing experience.
And in order to shut the door after the horse has bolted, there is still little more useful that HiJack This, which is still a tool requiring expert help, but can be invaluable in helping to clean an infected system. Fortunately, the expert help is still only a forum away.
 And as always, let common sense guide you. Don't run a program from an untrusted source, and don't visit websites where infection is likely. You should also beware of popups from programs that you haven't installed, some of the fake anti-spyware I managed to pick up in my browsing sessions was surprisingly convincing. Remember, sometimes malware will scream into your face that it is there (see pic, not a genuine window amongst them). It will just not tell you what it really is.
|
|
Related Products and Links
|
|
|||||||||||||||||||||
|
|||||||||||||||||||||
|
|||||||||||||||||||||
|
|||||||||||||||||||||
|
|||||||||||||||||||||
|
|||||||||||||||||||||
|
This software category is maintained by volunteer editor Steve Hargreaves. The comments section below is so lengthy that it has become difficult for our visitors to read. Future posts will now be edited for length and repetition, and personal attacks deleted. You are all welcome to join our Security Forum which is much better-suited for intensive debate ... peter |
|||||||||||||||||||||
4.29.1004 
Unrestricted Freeware 
Windows 98, 98SE, ME, 2000, Vista, 2003 and XP Home/Pro
Delicious
Digg
StumbleUpon
Please rate this article
Thank you for the 'welcome', MidnightCowboy!!
I went to get the Bullguard pgm but it downloaded BullGuard_87_x64.exe!
NOT the 85 edition, and when I started to install it - it 'did' say that it was 8.7??
Did I get the correct file or what?
I have a Toshiba Notebook with Windows X64 Vista Home Premium.
I am using Firefox 3.0.15 to surf and download.
Oh, and I found out that Spyware Terminator doesn't run on X64!!
I hope you can answer me before the time limit expires!
I am on the East Coast of USA and it is now 7:23 PM Eastern Standard Time.
Thanks a bunch!!!!
Sue ;>)
Hi
I did answer your query over on the other page but I've only just seen this one. Presumably by now you will know that this file designation is correct. Bullguard only changed the number to .7 to reflect compatibility with Windows 7.
Spyware Terminator will run on x64 and the scanner will function. It's the real-time component which is not yet x64 compatible.
I would consider upgrading your version of Firefox. There is some other useful stuff amongst the rubbish I wrote here!
http://www.techsupportalert.com/content/safe-computing-under-hour.htm
Have fun!
MC
No one should be using IObit 360 anymore seeing that they can't be trusted. IObit 360 is a Chinese company and was recently caught stealing from MalwareBytes and possibly other companies, any company like this can't be trusted to secure your computer period. You can read more here. http://news.cnet.com/8301-27080_3-10389650-245.html
With the permission of the Administrator of this Forum, I will indicate, again, to the readers of this very useful Forum, a link to an article about "Cyberthieves that are hacking into small- and medium-sized organizations, EVERY WEEK, and stealing millions of dollars, in an ongoing scam that has moved about US$100 million out of U.S. bank accounts":
http://www.pcworld.com/article/181354/fbi_warns_of_100m_cyberthreat_to_s...
Even if it has not to do with "spyware", the above mentioned article has to do with the Security, in general.
The following article is "complementary" with the previous one. One quote:
"U.S. officials say government computer systems are probed or scanned MILLIONS of times a day, and face an increasing threat from hackers - cybercriminals looking to steal money, or information, and nation-states aimed at espionage, or the destruction of networks that run VITAL services. Officials have called for a more coordinated effort."
http://www.enterprise-security-today.com/story.xhtml?story_id=69824
Even if my post will be considered "out of topic", I just wanted to warn some of your readers about the dimension of this phenomenon. The threat is becoming very serious. The guys who are behind of these actions, are not amateurs: they are highly skilled "professionals" - belonging to various groups of the organized crime.
I am sure that if more PC users (owners of small businesses) would take a minimum of security measures, they would face less problems with the "cyber-thiefs".
One good starting point would be, for them, to start reading (and putting in practice) the advices given to them, for free!, by the altruist and competent team from techsupportalert.com.
Wolfram
P.S.
After one year, the Conficker worm has passed a dubious milestone: it has now infected more than 7 million computers, security experts estimate...
The problem you had with malwarebytes was that spyware targets the process name and kills it if you are severely infected. Same happens to Stinger, Symantec Virus removal tools, as well as Gmer rootkit detector. Not a problem with the software itself.
The best thing to do always is run a scan in safe mode.
http://news.softpedia.com/news/Malwarebytes-IObit-Stole-Our-Signatures-D...
JustAThought
IObit 360 is removed from majorgeeks.
JustAThought
Hi all,
1.) Does that mean that IOBIT 360 Pro (free license for one year) is 'not' a good product to use??
2.) What about "Spyware Terminator" from Crawler, LLC, (one of a family of companies in the Xacti Group??) The program has a "Real Time Shield" and "HIPS" component!!
Thanks a bunch from a first time poster!
Sincerely,
Sue ;>)
Hi Sue
Welcome to TSA.
Iobit360 is still largely unproven at this stage, especially regarding their real time protection module. As to the other issues which have surfaced recently all of us are making our own personal conclusions based on what we are able to read. I say this with caution because it's likely that we will never be able to tell 100% what has gone here or what anyone's intentions might have been.
Spyware Terminator remains a firm favorite with millions but I still believe that its main strength lies in its HIPS capabilities rather than its spyware detection. It also has some other useful features though so in its category is well worth checking out. If on the other hand you want a top line solution containing everything you could possibly need (including anti-spyware) then checkout our Bullguard offer.
http://www.techsupportalert.com/content/get-top-rated-bullguard-internet...
This is one of the closest "set and forget" programs that I've seen so long as you don't attempt to venture into the advanced firewall or other custom settings. For average users though the standard settings are more than adequate to keep you safe.
I'd say Malwarebytes is by far the best. It finds and removes malware that even SUPERAntiSpyware misses. Download these 2 and that's all you'll need.
I agree. Malwarebytes is the one I always run first. It seems to get the nastiest trojan infections on the first shot. I run Super antispyware second to mop up.
Always rename you executables before installing as more and more trojans seem to block installations as well as updates. If it won't install or update run in safe mode.
FWIW I don't like A2 at all and find it significantly inferior to the other 2.
-J
I don't think you have cleaned very many Trojan infected machines. A-squared is superior to Malwarebytes and SuperAntiSpyware in Trojan cleaning.
Report on effectiveness vs. Personal Guard 2009:
I did a search to see if this had been mentioned and got no hits so hoping not to be redundant here. Not a pro-techie or even a competent techie - just a fiddler knowing just enough to be dangerous.
One of our pc's - a Dell running WinXP used extensively by a teenager (yeah, I know) - recently was infected with this annoying and persistent little devil.
First I tried manual removal, using instructions from another help site. Stopped the process, searched regedit for all PG09 references, deleted, then tried to manually delete all file ref's. Deleting the PG09 folder returned the infuriating "denied" msg saying that I did not have the right to do this. You guys know better than me, but PG09 must place a hidden defense thingee in there?
Tried SUPERAntiSpyware first. It not only wouldn't remove PG09, but on reboot, I got the infamous ugly screen giving me different boot-up options - Safe Mode, etc. It would only successfully re-boot if I chose "return to an earlier successful configuration" or something like that. Even at that I now had a new window to go with PG09's multiplicity of deviltry - saying "couldn't find "logon.exe".
After removing SAS, re-loading, and re-scanning 3 times with similar negative results, exceeding the definition of insanity, I gave up and tried MalwareBytes AntiMalware. Git 'er done, first time, clean and mean.
Just a heads-up for ya'll, and a question - any comment on what SAS might have done that caused the glitchy re-boot?
Anyone know why PG09 prevented manual deletion of it's files?
Recently my cousin's PC was infected with MS Antispyware 2009, a rogue and fake antispyware. IObit Security was able to identify it, and removed the files successfully... but was not able to remove the registry entries.
Superantispyware was able to detect the registry entry, but hanged while removing it.
MBAM was successfully able to delete the registry entry.
This is the first time that I was able to see IObit Security in action. Good work, but not good enough, since it should clean everything infected... it left behind registry entry in this case. The product is fairly new though, and I hope it will improve. Its going good from what I read. The real-time protection is definitely a big plus.
Anupam
hey when is there going to be a update? i want to see how IObit Security 360 fairs on this.
ps. how good/safe is Advanced Spyware Remover 1.98 and SpywareGuard 2.2
SpywareGuard is from a reputable company (Javacool) but is a "work in progress". This warning is displayed on their web page
"While we do strive to fix any compatibility problems that may arise, we cannot guarantee that it will not conflict with other security software on your machine. SpywareGuard has also not been tested with Windows Vista."
The Advanced Spyware Remover site is red rated by WOT so stay well away from it.
In reality many people overestimate their need for anti-spyware programs in addition to the protection already provided by their existing firewall/AV solutions. If you fancy trying something different then check out our "Hot Finds" section from the main menu this coming Thursday/Friday for a program which offers protection across the whole threat range, and includes a top rated firewall.
thanks for the info
Hitman Pro and Prevx (no removal, but still great help for cleaning purposes) belong to top. IoBit 360 has excellent scanner too. I've tested all for severely infected systems with good/excellent results. I'm skeptical of Ad-Aware being as useful.
P.S. Boclean is dead, baby. Boclean is dead. (Guess what movie? :)
I removed it from the text.
All three look promising, but when I have to clean a system, I first use A-squared and find, I don't need to use anything else. I have never had an FP either.
Ad-Aware used to be my favorite for Years, but why would I want to install services that I didn't ask for, or not be able to turn them off?
Why do I want to D/L a browser???? (Google Chrome included in that massive 75meg file).
It went from an Excellent application & 13meg to almost 80meg, BLOAT-WARE, and your older 'petite' version won't update anymore. I'll never be back.
Uninstalled, deleted, out the door!
I've used Superantispyware but all that it ever finds are cookies. And, for that, I could simply delete all my cookies in the first place! Never found things that Ad-Aware Pro found.
SuperAntiSpyware found a Trojan for me once. Malwarebytes has never found anything and A-squared is the winner finding a few nasty Trojans.
Have you confirmed that the files Ad-Adware found were malware by uploading it to VirusTotal?
Why would I need to? Ad-Aware has a long history of effective software.
Every signature scanner has false positives.
I'm sorry, but I don't think your statement is correctly qualified. The reason I say this, because its the heuristic component of any anti-malware that is producing the FP's versus the signature scanning.
I'm not really sure what you're trying to say. If it was a heuristics detection there's even more chance it could be an FP. Or maybe it isn't, I don't know. But a quick check to VirusTotal would make it much more clear, instead of saying 1 scanner detected it and 1 scanner didn't so it must be malware.
awesome
Not an awesome answer. Just playing safe.
I have downloaded and run SuperAntiSpyware on two systems this morning. One an older Windows 2000 PC running AVG 8.5 (??guessing at version cos I'm not in front of that PC) and just now on a Windows XP PC.
The Windows XP is running the free version of Comodo Internet Security. It detects a virus during the instal of SuperAntiSpyware the AVG/Windows 2000 PC didn't. Is this just Comodo being over zealous or AVG not being very good?
Cheers
Peter
Hi Peter
It's likely to be a false positive but you should upload the file details to Virus Total to make sure. CIS did suffer from an overly large rate of FP's until recently but the latest version has now fixed this problem.
http://www.virustotal.com/
Thanks.. new in these parts. Virus Total reported two infections out of over 40 different scans. I'll regard them as false positives.
Cheers
Peter
You're welcome, glad to have you on board. If you need any specific guidance with anything you might get a more comprehensive response by posting in the forum.
http://www.techsupportalert.com/freeware-forum/
http://db.iobit.com/license-free/win7-special-offer.php
The link is free license for IOBIT 360
I now have IObit 360 security 'pro' for a year....Thank you !!! for posting that link. looking forward for the new testing results on this forum
I've followed this link using two different browsers and two different email clients and in both cases the line showing License code: is blank. I've mailed Iobit for assistance and I'll post their response here.
The link above for Iobit Security 360 license is now working. Apparently they ran out because of the demand!
My man, MC, glad I can contribute.
This article is outdated. Ad-Aware's latest version is a whopping 73 MB! No good for dial-up users/losers like me.
Theres a spelling error the first time Ad-Aware is mentioned. It says Adaware, which actually used to be a rouge. (!) It's spelled Ad-Aware...
Hey, I just found this Anti-spyware Plus
http://antispywareplus.net/en/index.html
I'm not sure if this is a good anti-spyware, any thoughts?
Anti-spyware plus in my opinion is one to be avoided. There are several such programs with this name but with slightly different spellings. This one has a terms of use and conditions which are vague, confusing and ambiguous. Also attempts to change the users home page although they say this is "optional". Anyone wanting this type of application would be far better to consider Iobit Security 360 or another of the freely available recognized solutions.
Hi, MC, are you suggesting that IObit 360 should be the primary choice in dealing with spywares?
Ah well, so here opens up the hole for MC to walk in to! In truth, we've yet to see some really independent test results for Iobit 360 other than those which have appeared on their own forum. I'm not denying it's obvious ability to find things but I'm still a bit confused as to exactly what the target focus is. What I will say is that in choosing security software of any type, one of the main selection criteria should be it's ability to "do no harm". If for instance another program with a higher detection rate is also known to give system problems (which some are) then I would always go for the safer option and take more responsibility myself for where I surf to and how, rather than relying on the strongest security solution to do this for me. Iobit 360 certainly falls into the safe to use category.
Overall, Iobit produces good stuff and has a responsible attitude towards development and bug resolving. The editors here at TSA helped with the beta testing feedback and all were impressed not just with the program but with the speed at which issues got fixed after reporting. I handled the coordination for this and the response from the vendor was virtually immediate. If this was a front line solution I'd maybe still be advising caution in lieu of some extra results data, but as it's complimentary, easy on resources, offers real-time protection for free and seems happy on anyone's system then yes, go for it. People electing to keep their usual anti-spyware scanners installed can help us all with some additional feedback in the event that any of these flag something genuine missed my Iobit. From what I've seen so far though these results are likely to be the other way round.
My man, if it's good enough for you, then it's good enough for me.
Anyone knows about IOBit Security 360?
excellent.
I have had good luck with it. I'm not a highly experienced computer user, just an old man that surfs, uses E-bay, reads the news, etc.
I like it because it is presented in simple terms that average folks can understand. You can configure it lots of different ways.
It's quick, compared to others.
It hasn't done damage to any programs that I know of.[ Computer never has locked up, or stopped either while it scans, or later.]
Updated daily; Fast updates less than 30 seconds.
I use it daily.
I've tried some of the more technically advanced programs, and had problems.
is more spyware remover ,
Is this ever gonna get updated?
Post new comment